Information encryption transmission/reception method

ABSTRACT

An information encrypting transmission and reception method in an information transmission and reception network composed of a plurality of senders and receivers having computers being connected and communicating each other via a web network and a data center having a server computer for receiving electronic key data of bit data formed by the senders and receivers and personal data such as address corresponding to each electronic key data to register the serer computer and certifying the senders and the receivers with each personal data.

TECHNICAL FIELD

The present invention relates to an information encrypting transmissionand reception method which is substantially a perfect method having nodanger that information is decrypted by a person other than a sender anda receiver of the information in transmissions and receptions ofplaintext information of various contents in use of computers connectedto a web network.

BACKGROUND ART

As conventional, an information encrypting transmission and receptionmethod is implemented by various proposed cryptosystems. The best knowncryptosystems of those proposed systems is an RSA(Rirest-Shamir-Adleman). In the RSA, sender's information is encryptedin use of receiver's “public key” before transmitting, and also, thesender and the receiver transmit and receive their electronic signaturesso that the receiver certifies the identification of the sender and thevalidity of the transmitted information. Such double processes arerequired in the RSA (for example, see Japanese patent applicationslaid-open No. H11-353280 and No. 2001-052125).

DISCLOSURE OF THE INVENTION PROBLEM TO BE SOLVED BY THE INVENTION

The present invention has an object for providing an informationencrypting transmission and reception method in transmissions andreceptions for exchanging encrypted information between a sender and areceiver. In the method of the present invention, it is not necessary totransmit and receive electronic signatures separately from theinformation to be exchanged as the above described conventionalcryptosystem. Accordingly, in the method of the present invention, thesender and the receiver are not required to disclose their keyinformation to each other, and further, it is very difficult orsubstantially impossible for a third person to interpret the keyinformation or the encrypted information while the information is 100%reproducible by the receiver.

MEANS FOR SOLVING PROBLEM

An information encrypting transmission and reception method according tothe present invention has the following structure, as a firstcharacteristic,:

in an information transmission and reception network composed of aplurality of senders and receivers having computers being connected andcommunicating each other via a web network and a data center having aserver computer for receiving electronic key data of bit data formed bythe senders and receivers and personal data such as addresscorresponding to each electronic key data to register the servercomputer and certifying the senders and the receivers with each personaldata, comprising:

by one of the senders, firstly decrypting bit data of originalinformation such as plaintext to be transmitted to one of the receiversby performing an exclusive OR operation in use of the bit data of theregistered electronic key of the sender and transmitting the firstlyencrypted data attached with personal data of the sender and thereceiver to the receiver;

by the server computer of the data center, decrypting the bit data ofthe electronic key of the sender by performing an exclusive OR operationon the transmitted firstly encrypted bit data in use of bit data of thekey data of the sender certified with the personal data of the sender,secondly encrypting the decrypted data by performing an exclusive ORoperation the in use of bit data of the registered electronic key of thereceiver certified with transmitted personal data of the receiver so asto form secondly encrypted bit data, and transmitting the secondlyencrypted bit data to the receiver; and

by the receiver, receiving the secondly encrypted bit data from the datacenter, and decrypting the secondly encrypted bit data in to theoriginal information such as plaintext by performing an exclusive ORoperation in use of bit data of the electronic key of the receiver.

According to the above encryption transmission and reception method ofthe present invention, since the sender and the receiver are directlyconnected via the server computer forming a data center provided on theweb network, a congestion of information traffic may be caused whenencrypted transmissions from senders are concentrated.

Accordingly, in order to cast aside such concern in advance, the presentinvention is provided to include the following structure, as a secondcharacteristic,:

in an information transmission and reception network composed of aplurality of senders and receivers having computers being connected andcommunicating each other via a web network and a data center having aserver computer for receiving electronic key data of bit data formed bythe senders and receivers and personal data such as addresscorresponding to each electronic key data to register the servercomputer and providing the data only to a person who is certified his orher validity in use of the registered data as certification data,comprising:

providing a sender server computer for transmitting and receiving dataof the senders and a receiver server computer for transmitting andreceiving data of the receivers that are connected to the web network;

firstly encrypting bit data of original information such as plaintext tobe transmitted from one of the senders to one of the receivers byperforming an exclusive OR operation in use of bit data of electronickey of the sender and transmitting the firstly encrypted bit dataattached with personal data of the receiver to the sender servercomputer;

by the sender server computer, receiving bit data of the electronic keyof the receiver by submitting personal data of the receiver to the datacenter, secondly encrypting the firstly encrypted bit data by performingexclusive OR operation in use of receive bit data of the electronic keyof the receiver, and transmitting the secondly encrypted bit dataattached with personal data of the sender and the receiver to thereceiver server computer;

by the receiver server computer, receiving the secondly encrypted bitdata, receiving bit data of the electronic key of the sender bysubmitting personal data of the sender to the data center, thirdlyencrypting the secondly encrypted bit data by performing exclusive ORoperation in use of receive bit data of the electronic key of thesender, and informing the receiver about the reception of the thirdlyencrypted bit data or transmitting the thirdly encrypted bit data to thereceiver; and

by the receiver, obtaining the original information such as plaintextfrom the sender by performing an exclusive OR operation on the thirdlyencrypted bit data in use of the bit data of the electronic key of thereceiver.

More preferably, in the present invention, the server computer of thedata center uses electronic key data set by each sender and receiver aselectronic personal seal data for authentication and as informationhiding data for hiding data transmitted and received between the senderand the receiver. Further, chaos image data or fractal image data isused for the electronic personal seal data and/or the information hidingdata. It is further preferable that the image date is moving data.

The main reason of employing such particular kind of image data is thatthe data can be reproducible with 100% accuracy at a practical level ofinformation security when chaos image data (still image or moving image)and fractal image data (still image or moving image) are used since theinventor of the present invention employs an encode technique (invisibleprocessing technique) and decode technique (invisible processingtechnique) in order to be prepared for a case that a trouble happens andre-calculation as legal (objective) evidence is required in the future.In the encode technique and the decode technique, an analysis visibleprocessing technique (a patent application regarding this technique isgoing to be filed) maintaining a calculation accuracy, simply based onmathematical theories, beyond a common practice in the computingengineering and an “invisible processing technique” reversely applyingflow of the processes of the processing technique (process task) areemployed as a complementation system. Further, the intensity ofencryption and accuracy of evidence can be maximally improved by usingthe above described nonlinear iterative calculation image data based ona calculation logic (algorithm) which cannot be easily generated by athird person.

Further, according to the present invention, the original informationsuch as plaintext is preliminary encrypted by performing an exclusive ORoperation on at least each bite of the original information in use ofrandom number bit data in advance of firstly encrypting of the originaldata in use of bit data of the electronic key of the sender. After that,data may be firstly encrypted in use of the electronic key data of thesender. The bit data of the random number is registered withauthentication data of the sender to the server computer of the datacenter and provided to an authenticated person.

According to the present invention, encryption may be preferablyperformed in the same way as the above described preliminary encryptionin any encryption with each electronic key.

Further, the data of the preliminary electronic key may be used as dataof an electronic envelop.

EFFECT OF THE INVENTION

According to the present invention, electronic keys of each sender andreceiver are registered in a data center on a web network. In the datacenter, transmitted data encrypted by the sender in use of own key isdecrypted with the sender's key and then encrypted in use of receiver'skey. Accordingly, authentication of the sender and the receiver andencryption of the transmitted data addressed to the receiver aresimultaneously performed. Therefore, as a conventional public keysystem, the process of separately transmitting the sender's electronicsignature to the receiver in order to authenticate the sender is notrequired so that high-speed processing in transmissions and receptionsof encrypted document can be achieved.

Further, since transmission and reception of key information are notperformed between the sender and the receiver, it is superior insecurity.

In other words, according to the present invention, “double processes”of electronic signature validation as shown in the conventionalinformation communication can be avoided. This is because, asconventional document exchanges involving “notary office,” an objectivelegal evidence admissibility as a “digital notary office” may storeprocessing history (CR1-->CR2-->CR3) of information communicationsimilar to the presence of the record of registered personal seal andtally impression (obtain as a communication record). Further, in theencrypted information having legal authentication function(notarization) with objectivity beyond conventional arts, “disturbanceprocess of information” like shuffling playing cards which is necessaryin conventional encryption process is replaced with hiding ofinformation (exclusive OR operation of particular image data andinformation data, which has an electronic personal seal (personal sealor registered personal seal)) by chaos image (still image or movingimage) and fractal image (still image or moving image). Therefore,according to the present invention, a information security networksystem can be established, that is not requiring “double process” whilelegal evidence admissibility having an objectivity beyond that of publickey encryption within shorter period of time than the conventionalcommon key encryption, and also, having an advantage of steganographyencryption.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram showing a frame format of a transmission andreception system and a manner of transmitting and receiving in a secondstructure according to the present invention;

FIG. 2 is an explanatory table showing a relationship between atransmission source and a transmission destination in a transmission andreception method according to the present invention; and

FIG. 3 is an explanatory diagram showing a frame format of a part ofeach bit data in order to explain a relationship among a plaintext, anelectronic key, and an encrypted text in the transmission and receptionmethod according to the present invention.

BEST MODE FOR CARRYING OUT THE INVENTION

There will be detailed below an embodiment of the present invention withreference to the accompanying drawings. FIG. 1 is a block diagramshowing a frame format of a transmission and reception system and amanner of transmitting and receiving in a second structure according tothe present invention; FIG. 2 is an explanatory table showing arelationship between a transmission source and a transmissiondestination in a transmission and reception method according to thepresent invention; and FIG. 3 is an explanatory diagram showing a frameformat of a part of each bit data in order to explain a relationshipamong a plaintext, an electronic key, and an encrypted text in thetransmission and reception method according to the present invention.

In FIG. 1, “1” represents a web network. To the web network 1, a datacenter 2 including a main server computer 2A is connected. The mainserver computer 2A is configured to register electronic key or the likeof a sender or a receiver, which is used for a transmission andreception method of the present invention, or authenticate the sender orthe receiver. To the web network 1, a plurality of computers of users assenders and receivers are also connected. In FIG. 1, for the sake ofconvenience for explaining, a sender 3 having a computer 3A and areceiver 4 having a computer 4A are shown. To the web network 1, aserver computer 5 (hereinafter, also referred to as a sender server 5)for communications by the sender and a server computer 6 (hereinafter,also referred to as a receiver server 6) for communications by thereceiver are connected.

The sender 3 and the receiver 4 register electronic key data used forencrypting and/or decrypting their transmitting or receiving documents,personal data such as their residence, and addresses of the senderserver 5 and the receiver server 6 to the server computer 2A of the datacenter 2. Necessary data is provided based on a request from a personwho is authenticated by checking with each data registered in the servercomputer 2A. The registration of each data to the server computer 2A ofthe data center 2 is implemented with bit data.

After registering electronic key data and residence respectively to thedata center 2, the sender 3 and the receiver 4 send and receiveinformation encrypted as described below via the sender server 5 and thereceiver server 6 respectively. The encryption will be described below.In the following example, for the sake of convenience of the sender, thepersonal data is explained as residence data (address), however, thepersonal data according to the present invention is not limited toresidence data.

The sender 3 firstly encrypts by performing an exclusive OR operation onbit data FD of plaintext to be transmitted in use of bit data BP of ownelectronic key. The sender 3 adds residence data tag 3 ad and receiver'sresidence data tag 4 ad to the firstly encrypted data CR1 and transmitsthe firstly encrypted data CR1 to the sender server 5.

The sender server 5 transmits the tag 3 ad of the sender 3 and the tag 4ad of the receiver 4 in the received data to the server computer 2A ofthe data center 2 for an authentication of validity of the sender 3 andthe receiver 4 and obtains electronic key data and address data of thereceiver server 6 which are registered by the receiver 4. The senderserver 5 secondly encrypts by performing an exclusive OR operation onthe firstly encrypted data CR1 received from the sender 3 in use of thebit data CS of the receiver's electronic key obtained from the datacenter 2. The sender receiver 5 adds the sender's residence data tag 3ad and the receiver's residence data tag 4 ad to the secondly encryptedbit data CR2 and transmits the data CR2 to the receiver server 6.

When receiving the secondly encrypted data CR2, the receiver server 6transmits the tag 3 ad of the sender 3 and the tag 4 ad of the receiver4 to the server computer 2A of the data center for and authentication ofthe validity and obtains electronic key data or the sender 3. Thereceiver server 6 thirdly encrypts by performing an exclusive ORoperation on the secondly encrypted data CR2 in use of the bit data BPand forms thirdly encrypted bit data CR3. The receiver server 6 notifiesto the receiver 4 that the thirdly encrypted bit data CR3 is received.This notification may be implemented by directly transmitting thethirdly encrypted data CR3 to the receiver 4.

When the receiver 4 performs an exclusive OR operation on thetransmitted data of the thirdly encrypted data CR3 in use of bit data CSof own electronic key, the thirdly encrypted data CR3 becomes theoriginal plaintext so that the plaintext information transmitted by thesender 3 can be obtained.

The above described process in which the plaintext transmitted form thesender 3 is encrypted by the server computer 2A, the sender computer 5,and the receiver computer 6, transmitted to the receiver 4, and changedinto the original plaintext by the receiver 4 will be explained withreference to a diagram showing a frame format of bit data in FIG. 3.Each bit data in FIG. 3 is shown in data amount sufficient to explainencryption and decryption according to the present invention.

In FIG. 3, FD is an example of a part of plaintext bit data. In the bitdata, an uncolored bit represents “0” and a black-colored bit represents“1.” When an exclusive OR operation is performed on the plaintext bitdata in use of bit data BP of the electronic key of the sender 3, afirstly encrypted bit data CR1 shown blow the data BP is obtained.

When a further exclusive OR operation is performed on the firstlyencrypted data CR1 in use of bit data CS of the electronic key of thereceiver 4, a secondly encrypted bit data CR2 shown below the data CS isobtained.

Next, an exclusive OR operation is performed on the secondly encrypteddata CR2 in use of bit data BP of the electronic key of the sender 3, athirdly encrypted bit data CR3 in which the sender's key data BP isdecrypted is obtained.

Here, an exclusive OR operation is performed on the thirdly encrypteddata CR3 in use of bit data CS of the electronic key of the receiver 4,the receiver's electronic key data CS is removed and the thirdlyencrypted bit data CR3 is decrypted into a plaintext bit data FD.

In the above explanation, a server computer is composed of the servercomputer 2A of the data center 2, the sender server computer 5, and thereceiver server computer 6, and each role is shared by the servercomputer 2A of the data center 2 and the server computers 5 and 6.However, in the information encrypting transmission and reception methodaccording to the present invention, the roles of the sender servercomputer 5 and the receiver sever computer 6 may be performed by theserver computer 2A of the data center 2.

As described above, according to the information encrypting transmissionand reception method of the present invention, encryption of transmittedinformation and authentication are performed simultaneously andinseparably by implementing the following processes serially via theserver computer 2A as an authenticator in the dater center 2. Theprocesses are:

the sender 3 transmits information which is firstly encrypted with thesender's electronic key data to the sender server computer 5 via the webnetwork 1;

the sender server computer 5 is authenticated by the data center 2,secondly encrypts the firstly encrypted information, and transmits thesecondly encrypted information to the receiver server 6 via the webnetwork 1;

the receiver server 6 is authenticated by the data center 2, thirdlyencrypts the secondly encrypted information with the sender 3'selectronic key data, and informs the receiver 4 about the reception ofthe thirdly encrypted information or transmits the thirdly encryptedinformation to the receiver 4; and

the receiver 4 receives the thirdly encrypted information and decryptsthe information into plaintext with the receiver's electronic key.

As a result, according to the transmission and reception method of thepresent invention, exchanging digital signatures between the sender andthe receiver to authenticate the validity of the sender is not requiredas shown in the conventional RSA system and such trouble can be avoided.

However, in the method of the present invention, when a chaos image or afractal image (still image or moving image) is used as data ofelectronic key, the receiver cannot determine whether the receivedinformation is correct information, information with viruses, falsifiedinformation, spoofed information, or just a noise. Accordingly, in thepresent invention, the receiver 4 is informed by so called an electronicenvelop function formed of a still image or moving image with sound thatthe receiver server computer 6 receives mail from the sender 3.

When the sender 3 and the receiver 4 register their encryption keys datato the server computer 2A of the data center 2, bit data used for theelectronic envelop function is registered as one of the above describedpersonal data (including address or the like). The registered bit datais attached to data of communication document and transmitted to thereceiver server computer 6. Then the receiver server 6 transmits the bitdata to the receiver 4 as an electronic envelop. The data used for theelectronic envelop function may be registered to the data center 2 as acommon key of particular sender 3 and receiver 4.

INDUSTRIAL APPLICABILITY

As described above, according to the encrypted transmission andreception method of the present invention, processing speed is fastsince the number of bits in the original information such as plaintextand the number of bits in the encrypted information do not change nomatter how many times the information is encrypted. Further, since theencryption processes are performed in use of a plurality of electronickeys, there is an advantage that security is more robust in the presentinvention.

According to the method of the present invention, when a chaos imagedata or a fractal image data of moving image is used as key data, thekey data can be changed as many times as needed not every communicationbut every small period of time such as 1/100 second. Thus, it isvirtually impossible for a third person to do something dishonest.

Further, since the receiver is informed in advance, by the electronicenvelop function, that a communication document encrypted in use of theabove moving image data as key data is to be transmitted to thereceiver, any problem such that the receiver confuses the data withother data or does not recognize the reception of the communicationdocument will not occur even when the communication document transmittedto the receiver is highly encrypted data by the decryption method of thepresent invention.

1. An information encrypting transmission and reception system in aninformation transmission and reception network composed of a pluralityof senders and receivers having computers being connected andcommunicating each other via a web network and a data center having aserver computer for receiving electronic key data of bit data formed bythe senders and receivers and personal data such as addresscorresponding to each electronic key data to register the servercomputer and providing the data only to a person who is certified his orher validity in use of the registered data as certification data,comprising: providing a sender server computer for transmitting andreceiving data of the senders and a receiver server computer fortransmitting and receiving data of the receivers that are connected tothe web network; firstly encrypting bit data of original informationsuch as plaintext to be transmitted from one of the senders to one ofthe receivers by performing an exclusive OR operation in use of bit dataof electronic key of the sender and transmitting the firstly encryptedbit data attached with personal data of the receiver to the senderserver computer; by the sender server computer, receiving bit data ofthe electronic key of the receiver by submitting personal data of thereceiver to the data center, secondly encrypting the firstly encryptedbit data by performing exclusive OR operation in use of received bitdata of the electronic key of the receiver, and transmitting thesecondly encrypted bit data attached with personal data of the senderand the receiver to the receiver server computer; by the receiver servercomputer, receiving the secondly encrypted bit data, receiving bit dataof the electronic key of the sender by submitting personal data of thesender to the data center, thirdly encrypting the secondly encrypted bitdata by performing exclusive OR operation in use of received bit data ofthe electronic key of the sender, and informing the receiver about thereception of the thirdly encrypted bit data or transmitting the thirdlyencrypted bit data to the receiver; and by the receiver, obtaining theoriginal information such as plaintext from the sender by performing anexclusive OR operation on the thirdly encrypted bit data in use of thebit data of the electronic key of the receiver.
 2. The informationencrypting transmission and reception system according to claim 1,wherein the original information such as plaintext is preliminaryencrypted by performing an exclusive OR operation on at least each bitof the original information in use of random number bit data in advanceof firstly encrypting of the original data in use of bit data of theelectronic key of the sender.
 3. The information encrypting transmissionand reception system according to claim 2, wherein bit data of therandom number and/or electronic key is a password random number of the nbit including 6 to 10 digits of 64 bits, a pseudo random number based onthe random number, a chaos random number, or a fractal random number. 4.The information encrypting transmission and reception system accordingto claim 2, wherein the server computer of the data center useselectronic key data set by each sender and receiver as electronicpersonal seal data for authentication and as information hiding data forhiding data transmitted and received between the sender and thereceiver.
 5. The information encryption transmission and receptionsystem according to claim 4, wherein chaos image data or fractal imagedata is used for the electronic personal seal data and/or theinformation hiding data.
 6. The information encrypting transmission andreception system according to claim 5, wherein the image data in claim 5is moving image data.
 7. The information encrypting transmission andreception system according to claim 1, wherein the receiver servercomputer informs the receiver with an electronic envelop data thatencrypted communication document is received.
 8. The informationencrypting transmission and reception system according to claim 7,wherein bit data of the random number, bit data of the electronic key,and bit data of the electronic envelop are registered to the data centeror the server computer set as an authenticator so as to be readable onlyby an authenticated person.